System for communication from a user to the publisher of a scannable label

ABSTRACT

“Publishers” generate individual QR codes which may be either displayed on a smartphone or printed on a physical label, and “consumers” scan and decode those codes for secure and private communication with the publishers, without either party knowing the phone number or email address of the other party. At least one profile associated with the publisher may be an anonymous profile that permits the disclosure of only a specified subset of the otherwise available information about that publisher, and that information is not directly embodied in the displayed code, but rather is stored on a secure remote server which is selectively accessible by the consumer. If both parties have not authorized the release of their respective names and phone numbers (or other public contact information) to the other party by exchanging respective public profiles within a predetermined time period, any associated temporary contact numbers may be disabled and any anonymous contact information may be deleted from the remote server. A remote app on the publisher&#39;s smartphone may be used to generate the QR code and upload the associated contact information and permissions to the secure server, and a local app on the consumer&#39;s smartphone may be used to scan and process the QR code and commence secure and private communication with that publisher via the secure server.

CROSS REFERENCE TO RELATED APPLICATIONS

This application is a Continuation of U.S. patent application Ser. No.15/798,391 filed on 30 Oct. 2017 which is Continuation of U.S. patentapplication Ser. No. 15/141,251 filed on 22 Apr. 2016 (now U.S. Pat. No.9,811,706) which is a Continuation in Part of PCT Application PCT/US2016/028820 filed on 22 Apr. 2016 which claims the benefit of U.S.Provisional Patent Application 62/151,524 filed on 23 Apr. 2015, all ofwhich are hereby incorporated by reference in their entirety.

FIELD OF THE INVENTION

The present invention relates generally to exchange of privateinformation over a public network, and more particularly to a system forpublishing and using scannable labels for facilitating privatecommunications with a remote business or individual.

BACKGROUND ART

A QR (“Quick Response”) code is a machine-readable optical label thattypically contains (or is linked to) information about the item to whichit is attached. It differs from a conventional UPC barcode label in thatthe encoded information is presented in two dimensions using apredetermined encoding mode such as numeric, alphanumeric, binary, orcharacter (eg kanji) and an associated error correcting code to storeand reconstruct the data, and offers more reliable readability andgreater storage capacity. Applications include product tracking, itemidentification, time tracking, document management, and generalmarketing.

A QR code consists of a two dimensional array of binary valued cells(typically either black or white square dots arranged in a square grid),which can be captured by an imaging device (such as a digital camera ina smart phone) and processed to reconstruct an approximation of theoriginal two dimensional pattern of dots. Some of the cells have fixedvalues arranged in a fixed pattern and define the size and orientationof the grid, and other cells represent bits of encoded binary dataarranged in rows and columns of the square grid. The associated errorcorrecting code is then used to extract the original data from thehorizontal and vertical components of the reconstructed square grid.

The amount of data depends on the size (number of discrete data points)of the label and the complexity (robustness) of the associated errorcorrecting code:

-   -   Level L—up to 7% damage    -   Level M—up to 15% damage    -   Level Q—up to 25% damage    -   Level H—up to 30% damage

FIG. 1 specifies the data that may be encoded with a 40-L (maximumcapacity) QR Code.

Unlike the older, one-dimensional barcodes that were designed to betraversed by a narrow beam of light, a QR code is captured by a2-dimensional digital image sensor and the resultant digital image datathen analyzed by a programmed processor. The processor locates the threedistinctive squares at the corners of the QR code image, using a smallersquare (or multiple squares) near the fourth corner to normalize theimage for size, orientation, and angle of viewing. The small dotsthroughout the QR code are then converted to binary numbers andvalidated with an error-correcting code.

Although initially designed for tracking parts in vehicle manufacturing,QR codes now are used in a much broader context, including bothcommercial tracking applications and convenience-oriented applicationsaimed at mobile-phone users (termed mobile tagging). QR codes may beused to display text to the user, to add a vCard contact to the user'sdevice, to open a Uniform Resource Identifier (URI), or to compose ane-mail or text message. Various QR code apps are available that can beused for publishing (generating and printing) a new QR code and forusing (capturing and interpreting) a previously published QR Code.Japan's NTT DoCoMo has established de facto standards for the encodingof URIs, contact information, and several other data types. Theopen-source “ZXing” project maintains a list of QR code data types.

QR codes have been used over a wide range of applications, includingcommercial tracking, entertainment and transport ticketing,product/loyalty marketing and in-store product labeling. Many of theseapplications target mobile-phone users (via mobile tagging). Users mayreceive text, add a vCard contact to their device, open a URI, orcompose an e-mail or text message after scanning QR codes. They cangenerate and print their own QR codes for others to scan and use byvisiting one of several pay or free QR code-generating sites or apps.Recruiters have placed QR codes in job advertisements, while applicantshave placed their own QR code in their CVs and visiting cards. QR codescan also be used in accessing personal information for use byorganizations.

Typically, a smartphone having a built in digital camera and a built inQR scanning app functions as a QR code scanner and extracts (andoptionally displays) the encoded digital data in its original format(numeric, alphanumeric, binary, or character). A special user app(typically downloaded from or otherwise in communication with the samewebsite that created and published that particular QR code) converts thedecoded digital data into some useful digital format (such as a standardURL for a website), thereby obviating the need for a user to type theencoded data into a web browser or other user app. Such a QR coderepresentation of a brand's URL has become a focus of advertisingstrategy, since it provides a way to access a brand's website morequickly than by manually entering the individual characters comprisingthe URL and any associated search parameters.

QR codes storing addresses and URLs may appear in magazines, on signs,on buses, on business cards, or on almost any object about which usersmight want information. Users with a camera phone equipped with thecorrect reader application can scan the image of the QR code to displaytext, contact information, connect to a wireless network, or open a webpage in the phone's browser. This act of linking from physical worldobjects is termed hardlinking or object hyperlinking. QR codes also maybe linked to a location to track where a code has been scanned. Eitherthe application that scans the QR code retrieves the geo information byusing GPS and cell tower triangulation (aGPS) or the URL data encoded inthe QR code itself is associated with a location.

QR codes can be used with various mobile device operating systems tosupport URL redirection, which allows the QR codes to input metadata toexisting applications on the device. Many paid or free apps areavailable with the ability to scan the codes, extract the embeddedmetadata, and hard-link to an external URL.

QR codes can be also used to establish a secure log in to an associateddevice: a QR Code is shown on the login page on a computer screen, andwhen a registered user scans that code with a verified smartphone, thatuser will automatically be logged in on the computer. Authentication isperformed by the user's smartphone which uses the information in QR codeto contact the responsible authentication server and execute theappropriate authentication protocol.

The amount of data that can be stored in the QR code symbol depends onthe datatype (mode, or input character set), version (1 through 40,indicating the overall dimensions of the symbol), and error correctionlevel (Low=7%, Medium=15%, Quality=25%, or High=30%). The maximumstorage capacities occur for 40-L symbols (version 40, error correctionlevel L), as set forth in FIG. 1.

US Patent Publication 2014/0032285 describes a system in which scanninga QR code generates an email address to a payment gateway. US PatentPublication 2014/0117087, describes a system for using QR codes in adating service.

SUMMARY

In accordance with one aspect of the present invention, a business owner(or other responsible individual) dealing with external customers (orother unrelated individuals) is able to validate and correlate orders,offers, reviews and/or suggestions from a customer (or other unrelatedindividual) by means of an encoded label that is physically associatedwith a particular time, location, activity, and/or transactionassociated with an interaction between the business and the unrelatedindividual, and that may be used by any such unrelated individual toinitiate and/or validate a private and/or anonymous communication withthe business owner in a manner that allows the business owner to managehis business and improve its service without any direct confrontationwith that particular customer.

In accordance with another aspect of the present inventions, a firstindividual seeking to establish a relationship (either personal orprofessional) with other individuals is able to initiate limitedcommunication with those other individuals by means of an encoded labelthat is physically associated with the first individual, but that doesnot include any private information (such as email addresses or Facebookpages) that the first individual does not want to disclose to strangers.The encoded label may then be used by another individual to establish aprivate and/or anonymous communication with the first individual.

In a presently preferred embodiment, a “publisher” desiring to maintainprivate and anonymous communications with customers or casualacquaintances or other unrelated individuals (“consumers”) must firstdownload a remote app that generates QR codes specific to the publisherwhich may be either displayed as individual digital images on asmartphone or other interactive display device in the physicalpossession of the publisher or printed on a physical label which isaccessible to the particular consumers of interest to that publisher, Ineither case, the consumers are also required to install a local app(which can be the same as (or part of a subset of) the downloaded remoteapp) on their devices in order to scan and decode the displayed orprinted QR code and commence secure and private communication with thepublisher via a remote server. The publisher's remote app preferablyincludes a first means for receiving contact information and otherprivate details relating to each of the publisher's profiles, a secondmeans for generating a unique identification code (and associated QRcode symbol) for each specified profile, a third means for publishingthe QR code symbol for each unique code if and when instructed to do soby the publisher, and a fourth means for transmitting to a secure remoteserver the unique code and any related details for each of thepublisher's profiles.

The consumer's local app (or if the consumer is also a publisher, thelocal app portion of his remote app) preferably includes a first meansfor enabling the consumer's interactive device to scan a digital imageof the publisher's displayed QR code symbol, a second means forprocessing that digital image to recover the embedded uniqueidentification code, and a third means for transmitting the recoveredunique identification code and any relevant details of the consumer'sprofile to the secure remote server.

A table is preferably maintained by the remote app for storingpreviously received transactional codes and the corresponding contactand transactional details for the specific profile which each coderepresents, including any later received updates and/or deletionsthereof.

In a first exemplary specific embodiment, in response to thetransactional code derived from a particular QR code and anyaccompanying message received from a particular consumer, the remoteserver sends a text message or email (or other private communication) tothe individual or business who published that QR code without revealingto that publisher the text address (mobile phone number) or emailaddress or any other private information associated with the consumerwho scanned that QR code. By this means, the consumer can send ananonymous text message, email, or other message (and/or can forward thataccompanying message) to the owner or management of a business, withouteither party knowing the phone number or email address (or other contactinformation) of the other party.

In a second exemplary specific embodiment, a unique QR code is generatedby the remote app for each individual “publisher” (or if a particularpublisher wishes to maintain different public and/or anonymous profilesfor different categories of acquaintances, for each profile maintainedby that publisher) by means of the remote app. Upon scanning andinterpretation of the published code for a particular “profile” andtransmittal of that code to the secure server, the remote apps ofunrelated “consumers” have access only to certain information about aparticular publisher that has been uploaded to the secure server by thatpublisher's remote app, linked to the particular profile associated withthat particular published code, and marked as “disclose”. For example,the information stored on the secure server may include first name, lastname, phone number, address, email, Identification and/or Driver'sLicense number, social security number, and photo, but the informationdisclosed to the unrelated consumer will be limited to first name,photo, and a numerical code which may be used to send a limited numberof text messages as defined by the “anonymous” profile that correspondsto the particular code that was displayed by the publisher and wasscanned by the consumer.

In both of these specific embodiments, at least some (and preferablyall) of the stored information about a particular business or individualresponsible for publishing the QR code is not directly embodied in thecode, but rather is stored on the remote app or on the same secureremote server which is selectively accessible by the local apps of therespective parties.

An enhanced log be maintained at the secure remote server for storingeach instance of a received transactional code together with the time oftransmission to the remote app and any other transactional detailsassociated with that transmission, whereby suspicious transmissions froma particular user or user device for transmission to another particularuser or user device may be identified and appropriate action may beperformed after a specified number of such communications have beenreceived. In a presently preferred embodiment, an individual or abusiness or other group of affiliated individuals (the “publisher”)desiring to maintain private and/or anonymous communications withcustomers or other unrelated individuals (the “consumer”) must firstdownload a remote app that generates two dimensional QR codes specificto that publisher which may be either displayed on an interactivedisplay device (such as a SmartPhone) or printed on a physical label,whereby a specific QR code associated with that particular publisher maybe selectively displayed to one or more consumers of interest to thatpublisher. Once a particular consumer has already installed a local app(which can be the same as the downloaded remote app) on his interactivedisplay device, he may scan and decode the displayed or printed code anduse that decoded information to commence communication (preferablyanonymous) with the publisher, optionally including details (such astime, transaction, and/or location) associated with its display by thepublisher and its scanning by the consumer.

In a first exemplary specific embodiment, the local app instructs theremote app to send a text message or email to the individual or businesswho published the code but did not make public the text address (mobilephone number) or email address of the publisher. By this means, acustomer (the consumer) can send a private text message, email, ormessage to the owner or management of a business (the publisher),without either party knowing the phone number or email address of theother party.

In a second exemplary specific embodiment, the publisher's remote appgenerates and displays (publishes) the publisher's QR code (or aselected QR code if the publisher has more than one “profile”) prior tothe publisher's display device being scanned by a particular consumer'sinteractive display device by means of a local app (which may be thesame as the remote app). Preferably, at least one profile associatedwith the publisher is an anonymous profile that permits the disclosureof only a specified subset of the otherwise available information aboutthat publisher. For example, the known information about the publishermay include first name, last name, phone number, address, email,Identification and/or Driver's License number, social security number,and photo, but the specified information disclosed to the unrelatedconsumer scanning the QR code associated with such an anonymous profilemight be limited to first name, photo, and a temporary contact numberwhich may be used to send a limited number of text messages during alimited time to the particular publisher.

In both of these specific embodiments, most (and preferably all) of theknown information about a particular business or individual responsiblefor publishing the code is preferably not directly embodied in thedisplayed code, but rather is stored on the secure remote server whichmay be selectively accessible by the consumer's local app once thatparticular consumer has been given the appropriate permission. This istrue even if the coded label uses a relatively high capacity twodimensional format such as a QR code.

In a further refinement of the invention, at least some informationabout the consumer is also stored on the secure remote server in amanner analogous to that of the publisher (preferably using the sameremote app functionality), whereby the consumer may selectivelyauthorize access to his information by, and/or direct communicationfrom, the publisher who initiated the contact with the consumer. In yetanother refinement, if both parties have not authorized the release oftheir respective names and phone numbers (or other public contactinformation) to the other party within a predetermined time period, anyassociated temporary contact numbers are disabled and all associatedinformation is deleted from the remote server.

BRIEF DESCRIPTION OF DRAWINGS

FIG. 1 specifies the data that may be encoded with a 40-L (maximumcapacity) QR Code.

FIGS. 2 through 25 are screen shots showing a typical operationalsequence that may be performed by a presently preferred embodiment ofthe invention.

DETAILED DESCRIPTION

A presently preferred embodiment combining aspects of the previouslydescribed embodiments is shown in FIGS. 2 though 25. FIGS. 2 and 3represent the first page that comes up on the publisher's screen, whichasks him to allow (“OK”) push notifications. Then it is followed by thelogin screen (FIG. 3), by entering the user's “Email” and “Password”,(default at top of screen), or by linking to Facebook, Twitter, orGooglePlus, using respective buttons at bottom of screen.

FIG. 4 shows the different QR profiles the user has created, including 3default profiles that the app comes with. When the user selects (clickson) one of these saved profiles, a correspondingly labeled QR codeappears (FIG. 5) on the publisher's screen whereby it may be scanned bythe other user (eg, a customer) (See also FIG. 14).

FIG. 6 shows how a saved profile may be deleted. To delete a profile,simply slide (iOS) and tap (iOS) or hold (Android) Delete. Then confirmthat you want to delete it.

FIGS. 7 and 8 show how a new profile may be created by simply clickingthe +(add) icon on the top right on the home page, and then selectingthe profile type (Personal or Professional).

FIGS. 9 and 10 show the available information fields for a PERSONALprofile (“John” in the illustrated example); FIGS. 11, 12 and 13 showthe available information fields for a PROFESSIONAL profile (“JohnLawyer” in the illustrated example).

After the publisher's selected QR code appears on his screen (FIG. 14),the publisher can show it to another user (the “consumer”) with a localapp which has a Scan QR mode which scans it when the customer places hisphone's camera above the QR code displayed on the publisher's screen.Once the consumer (eg, a potential customer at a trade show) has therebysuccessfully scanned the displayed QR code, a box (FIG. 15) appears onhis screen, which allows him enter a description (optional) and save theassociated contact code and any optional description as a new anonymouscontact (FIG. 16).

After that other user clicks “OK”, an “added successfully” message isdisplayed on his screen (FIG. 17), which verifies that the publisher'scontact info (as defined in the particular profile which created thatparticular QR code) has been added successfully to the customer'sContacts.

To edit his QR profile, the user simply goes to his “My QR Codes” tab(FIG. 18) and clicks Edit on whichever profile he want to edit,whereupon the previously stored information for that profile (FIGS. 19and 20) Is displayed. This will allow you to edit any of the fields ofthe selected profile. When finished editing, click “Save”, and theprofile(s) will be updated.

To see your contacts, click on the “Contacts” tab (FIG. 21). Thecontacts are displayed by group in the following order: Personalprofiles first (in alphabetical order), then Professional profiles (inalphabetical order), and then Anonymous profiles (in alphabeticalorder). If there is no name associated with the QR code you havescanned, then that profile goes on top displaying any description youmay have entered, which is why the contact “Business” is before “Bob”.You may email, text, or call your contacts by clicking the correspondingicons, but only if that contact has shared that information with you.

As shown in FIG. 22, you may also see (and possibly edit) theinformation your contacts have shared with you by clicking on theprofile icon (FIG. 21) for that contact.

FIG. 23 shows the “Settings” page, where users can invite friends viaemail, text, Facebook, Twitter, or GooglePlus; view any Notifications(see below); see the relevant “Terms and Conditions”, “Privacy Policy”,and/or About” pages, or Log Out.

FIG. 24 shows a blank Notifications page. A user receives notificationswhen he has scanned someone, someone has scanned him, when an anonymouschat message is waiting, when an anonymous contact is about to expire orwhen it has expired, and also when the system or the systemadministrator chooses to send any information relevant to a particularuser or group of users. Since in the illustrated example, there are nonotifications, the Notification screen says “You have no notificationsat this time”. If there were notifications, it would display them andhave a time and date next to each. User receives notifications when hehas scanned someone, someone has scanned him, when someone has sent ananonymous chat message and is waiting, when an anonymous contact isabout to expire or when it has expired, and also when the system or thesystem administrator chooses to send any information relevant to aparticular user or group of users.

As shown in FIG. 25, a user with an Anonymous profile can decide thenumber of days someone can keep in contact with him, through a secureserver, using that particular anonymous profile. Choices are 1 day, 3days, 7 days, 15 days, or 30 days.

All confidential user data is preferably stored in the secure server andnot in the client. In some environments, such as Android and the Picasaimage server, images such as Profile pictures and QR codes) may besecurely cached in the client side.

It is required for a second person to have the app in order to scan a QRcode, call/text/email one of his/her contacts, and visit any of his/hercontacts.

Facebook/Twitter/LinkedIn/Instagram: An 8 digit random code ispreferably generated for each profile created by any user. No privatedata is encoded into the QR Code. If someone uses another application toscan the QRCode, all they would get is an 8 digit random code that mustbe decoded after it is received by the secure server.

Each profile is associated with a QR Code. If a user has two profiles,he has 2 QR Codes associated with them. The number of codes has norelation with the number of contacts of a user. For example, a user, say“personA”, has 50 contacts and 2 profiles for himself. He has 2 QRCodes(one for each profile). The contacts are linked through the internaluser IDs of the app. So if “personA” has 50 people in his contacts, inthe contacts table his userID is linked to 50 other user IDs.

The passwords are preferably encrypted using a MD5# algorithm (Thisencryption cannot be decrypted, only compared). All other data is storedas such. If 2 parties are exchanging messages they do it through aconversation ID which links their user IDs. Chat Messages that userssend to each other are stored in a messages Table in the server. Othermessages like SMS(Text) messages are stored in a standard way in thephones.

Those skilled in the art will realize that although the invention hasbeen described with reference to a specific coding format (a highcapacity 40-L QR code), many of the underlying concepts are usable withother known and not yet known scannable code formats, and the inventionis not necessarily limited to encoded data that are embodied in knownscannable codes such as one dimensional UPC barcodes or two dimensionalQR codes.

What is claimed is:
 1. A method for facilitating private or anonymouscommunications, comprising: obtaining, with a two dimensional codescanner of an application residing on a mobile device of a first user, ascanned image of a code symbol corresponding to a unique communicationprofile of a second user; converting, using the application of themobile device of the first user, the scanned image of the code symbolinto a corresponding two dimensional pattern of dots representative ofthe code symbol; extracting from the two dimensional pattern of dots,using the application of the mobile device of the first user, a digitalidentification code of the second user in the form of a sequence ofdigital data embedded in the code symbol; and establishing, using anapplication of the mobile device of the first user and the digitalidentification code of the second user, a secure two-way communicationwith the second user; wherein the digital identification code of thesecond user does not include information associated with a networkaddress of the second user or information designated as anonymous by thesecond user.
 2. The method of claim 1, wherein establishing the securetwo-way communication with the second user does not reveal to the seconduser the network address of the first user or information designated asanonymous by the first user.
 3. The method of claim 2, whereinestablishing a secure two-way communication with the second usercomprises using a secure server.
 4. The method of claim 3, wherein thesecure server stores one o more of: the information associated with anetwork address of the first or second user, the information designatedas anonymous by the first or second user, or contact information of thefirst or second user.
 5. The method of claim 4, wherein the secureserver uses at least some of the information associated with a networkaddress of the first or second user, at least some of the informationdesignated as anonymous by the first or second user, or at least some ofthe contact information of the first or second user to establish thesecure two-way communication between the first and second users.
 6. Themethod of claim 4, wherein the secure server deletes one or more of: thecorresponding information associated with a network address of the firstor second user, the information designated as anonymous by the first orsecond user, or the contact information of the first or second user ifthe first or second user has not established a secure two-waycommunication within a predetermined time.
 7. The method of claim 1,wherein the digital identification code of the second user expires ifthe first user does not establish the secure two-way communication withthe second user within a predetermined time.
 8. The method of claim 1,wherein the application of the mobile device of the first user includesa stored table of previously extracted digital identification codes ofother users, including the second user.
 9. The method of claim 8,wherein the digital identification code of the second user includes aset of numbers or a value associated with a stored profile of the seconduser.
 10. The method of claim 9, wherein a remote server uses the set ofnumbers or the value to access the information associated with a networkaddress of the second user or the information designated as anonymous bythe second user.
 11. The method of claim 1, wherein the code symbolcorresponding to a unique communication profile of the second usercomprises a QR code and includes a classification category indicative ofthe level of anonymity associated with the profile.
 12. The method ofclaim 11, wherein the classification category is one of: personal,professional, anonymous, or miscellaneous.
 13. The method of claim 1,further comprising: receiving, via the application of the mobile deviceof the first user, notifications from the second user.
 14. The method ofclaim 13, wherein the notifications comprise one or more of: a requestto establish a two-way communication, an alert, a sound, an icon badge,a sticker, a selection of one or more items for purchase, or a reminderto perform a task.
 15. The method of claim 1, further comprising:receiving, via the application of the mobile device of the first user,one or more of: the information associated with a network address of thesecond user, the information designated as anonymous by the second user,or contact information of the second user, as authorized by the seconduser.
 16. The method of claim 15, further comprising: storing, via theapplication of the mobile device of the first user, one or more of: theinformation associated with a network address of the second user, theinformation designated as anonymous by the second user, or the contactinformation of the second user in the first user's contact lists.
 17. Amethod for facilitating private or anonymous communications, comprising:creating, using an application of a mobile device of a first user, aunique communication profile of a first user, wherein the profileincludes information designated as anonymous by the first user;generating, using the application of the mobile device of the firstuser, a two dimensional code symbol corresponding to the uniquecommunication profile of the first user; displaying, using theapplication of the mobile device of the first user, the code symbol forscanning by a second user, wherein the code symbol includes a digitalidentification code of the first user in the form of a sequence ofdigital data embedded in the code symbol; and establishing, using anapplication of the mobile device and the digital identification code ofthe first user, a secure two-way communication with the second user;wherein the digital identification code of the second user does notinclude information associated with a network address of the first useror information designated as anonymous by the first user.
 18. The methodof claim 17, wherein the application of the mobile device of the firstuser includes a stored table of previously generated two dimensionalcode symbols of the first user.
 19. A tangible, non-transitory,machine-readable medium storing instructions that when executed by oneor more processors effectuate operations comprising: obtaining, with atwo dimensional code scanner of an application residing on a mobiledevice of a first user, a scanned image of a code symbol correspondingto a unique communication profile of a second user; converting, using anapplication of the mobile device of the first user, the scanned image ofthe code symbol into a corresponding two dimensional pattern of dotsrepresentative of the code symbol; extracting from the two dimensionalpattern of dots, using the application of the mobile device of the firstuser, a digital identification code of the second user in the form of asequence of digital data embedded in the code symbol; and establishing,using an application of the mobile device of the first user and thedigital identification code of the second user, a secure two-waycommunication with the second user; wherein the digital identificationcode of the second user does not include information associated with anetwork address of the second user or information designated asanonymous by the second user.
 20. The medium of claim 19, wherein theoperations further comprise: listing the scanned image of the codesymbol in a database of active code symbols.